Managing fraud is a top priority for corporate treasurers, research reveals
By Puja Sharma
The Bottomline and Strategic Treasurer announce the release of the 2023 Treasury Fraud & Controls Survey. The global survey highlights findings of corporate and banking experiences with fraud, concerning exposure risks, fraud prevention, and securing data. This year marks the 8th year annual survey between the two firms, whose research partnership also includes the annual B2B Payments Survey.
The 2023 survey showcases an ongoing need for protection against fraud, which 73% of banks and corporates claim to have been impacted by in the past year, and 53% of whom indicate that they are in a better position to battle fraud when compared to last year. The survey demonstrates year over year the top fraud attempts on businesses come from business email compromise (BEC) and social engineering. This year, respondents indicated that payment diversions also contributed to fraud attempts.
A significant portion of respondents indicated that the reliance on remote work increased their risk of fraud, with 64% pointing towards BEC, 39% to data theft, and 38% to external fraud. At the same time, 41% of companies indicate that their requirements for security have grown. Still, only 3 out of 7 firms run financial impact analyses where they evaluate the costs of fraud and the benefits of adding security.
As we move through 2023, the spend on security is expected to remain strong, with 30% of companies spending more on fraud prevention, detection, and controls than in previous years. The use of network visualization and analytics to help investigate financial crimes is still a developing technology.
Banks are leading the charge in this investment, with most banks (55%) considering this, while only 11% of corporates are doing the same. The survey also indicates that centralized fraud investigation groups are becoming standard practice, further buoyed by plans to use artificial intelligence (AI) and machine learning (ML) to fight sophisticated payments fraud.
“We have seen banks and corporates embrace the need for widespread security system adoption across the ecosystem over the last few years. This year, the survey indicates treasurers are actively engaged and making a significant effort to implement fraud detection and prevention controls. This is encouraging given the growing concerns of internal and external threat levels organizations are experiencing,” said Omri Kletter, Global VP of Product Strategy, Cyber Fraud, and Risk Management at Bottomline.
“With the expansion of payment systems such as real-time payments, it is now crucial that corporates lean on their banks for guidance. Many companies still equate faster payments to elevated risk levels, with top concerns being irrevocability and speed of transactions. Bottomline continues to work with corporates and banks to debunk these myths and help customers prevent fraud across their payment ecosystems,” he added.
“Poor protection of the custody of sensitive payment files across a company’s network remains a massive exposure. Only 38% of companies maintain a full audit trail of payment files across their network. Often, these files are unencrypted and un-hashed, exposing them to easy compromise and redirection of payments,” warns Craig Jeffery, Managing Partner and Chief Researcher at Strategic Treasurer.
Key Takeaways:
- As we move through 2023, the spend on security is expected to remain strong, with 30% of companies spending more on fraud prevention, detection, and controls than in previous years.
- A significant portion of respondents indicated that the reliance on remote work increased their risk of fraud, with 64% pointing towards BEC, 39% to data theft, and 38% to external fraud
- 41% of companies indicate that their requirements for security have grown. Still, only 3 out of 7 firms run financial impact analyses where they evaluate the costs of fraud and the benefits of adding security.
Other Related News
July 16, 2024
Rise in sophisticated attacks, state-level threats, and increased ransom DDoS Incidents
Read MoreJuly 15, 2024